Which proprietary hardware firewalls easy to convert to pfsense ?
-
does anyone know of any proprietary hardware firewall which are compatible with pfsense. ie can just format proprietary os and reinstall pfsense on hard drive.
i know firebox x700 is one of those types.
does anyone know of any more. in particularly cheap ones easy to mod
thanks
-
The Symantec 1620 was fairly straightforward conversion with a couple of hardware-related caveats up front:
1. You'll need a pci video adapter to hook up a monitor for the duration of the install, you'll also have to remove the plate from it before connecting it
2. You'll need a USB CDrom or better yet a standard IDE cable and IDE cdrom of recent vintage - I had mixed success with using a USB drive - to use IDE you'll have to remove the hard drive to get at the cable but it's just a couple of screws
3. You'll need a usb keyboardIt sounds like more hassle than it really is - once it's all installed you put things back the way you found them hardware-wise. Previous posts about converting a Symantec 1660 helped me along the way to a working system fwiw.
-
If you don't currently have a proprietary firewall, I would suggest checking ebay and/or craigslist for used 1u servers. They work just as well without any major modifications. We have had success with Dell PowerEdge 1750, however others here report finding cheap IBM and HP servers too.
The one downside would be if you need all the extra interfaces that are usually found on the hardware firewalls. 4 port NICs can sometimes be relatively expensive compared to the cheap old servers.
-
There are generalized hardware firewalls based on the PC Engines ALIX boards available preloaded with pfSense by Netgate (www.netgate.com) and I believe some other vendors.
-
Watchguard X series (CORE and PEAK) firewalls are availalbe on E-bay for cheap after having been discontinued in favor of the Xe series.
-
thanks for feedback.
interesting to see what people are running pfsense on
-
For ease of conversion I have to recommend the Watchguard X peak hardware. I was up and running in about 20mins! ;D
Most of that was downloading an image and writing it to a CF card.Steve
-
Anyone using anything else besides Watchguard/Symantec/ALIX? looking for proprietary hardware conversion project.
Thanks!
–James -
Anyone using anything else besides Watchguard/Symantec/ALIX? looking for proprietary hardware conversion project.
Thanks!
–Jamesi am also interested in other hardware besides the ones usually mentioned.
-
<sigh>well .. you guys just made me cave on the purchase of a Symantec GS 1660. :)
Can't wait til it gets here.Has anyone setup the extra NICs for use as LAN ports ?</sigh>
-
Well .. I got a brand new, never opend SGS 1660.
Opened it, installed pfSense and it works like a dream.
However, the cooling fans are better suited for a closet, garage or basement versus an open-concept very quiet home office.Anyone want to buy a 1-week old Symantec GS 1660 with pfSense pre-installed on it ?
:)
-
Well .. I got a brand new, never opend SGS 1660.
Opened it, installed pfSense and it works like a dream.
However, the cooling fans are better suited for a closet, garage or basement versus an open-concept very quiet home office.Anyone want to buy a 1-week old Symantec GS 1660 with pfSense pre-installed on it ?
:)
Possibly, how much are you asking?
-
I haven't really thought about it too much.
Besides, if I do, it'll hurt - based on how much I paid for it. :)
Anyway, not sure if this should be a PM sort of discussion or not, but I'm currently open to suggestions.
So let me know your thoughts. -
Here's a suggestion.
Swap out the processor for a lower power one then fit quieter fans. That's what I did, worked a treat. ;D
What hardware do you get in those Symantec boxes?Steve
-
Mookatroid,
What type of ethernet chipset does symantec use? -
Here is an older post containing all the good stuff ….
http://forum.pfsense.org/index.php/topic,16043.0.html
... but in summary, the SGS 1660 = VIA C3 1.33GHz CPU (not swappable from what I can tell), 768Mb DDR PC2100 Kingston-branded Desktop RAM (upgradeable to 2GB), Seagate 40GB 40pin 7200rpm IDE HDD, 5 x Intel Gigabit NICs (em0 thru em4), 2 x USB ports, 1 x DB9 RS232C, 1 x internal PCI slot (can only be used when the cover is open - no riser card).
Like I said, very kewl pfSense box. Just needs a better place to live better suited for high CFM fans.
-
I've got my first (I have a few more to play with) Nortel 1010 running in my office and they are very quiet, in fact nearly silent.
You'll have to put in a bigger CF card in most of them. I put in an extra 1 GB I had kicking around and it was sufficient. You'll also have to put the NICs into polling mode to get rid of the IRQ storming (there's a thread here that tells you how to do it). Not sure what the issue is there. Perhaps ACPI? Up to this point the 1.2.3.-RELEASE won't run on them either while the 1.2.3-RC1 does. To be precise, on 1.2.3.-RELEASE, the ethernet ports are deaf but not mute. They'll broadcast but will not respond. Go figure.
Despite the caveats, they're a nice robust and quite unit. Mine sits on a shelf not 2 feet from my head and I can't hear it at all over the fans from my servers under my desk.
-
I have a symantec 1620 firewall i am wanting to do this with. Unfortunately i can not get any PCI video card to register on this thing. Anyone have any ideas? is there a pin reconfiguration i need to do or anything?
-
Kind of an Old topic but..
I've personally converted the following to run pfsense.
Nokia IP330 - There are many different configurations for this. See here - http://community.smoothwall.org/forum/viewtopic.php?p=190620#p190620
-
k6-266/400 or p1-166
-
256pc133 ram
-
20gb HDD or 8gb HDD
-
3 10/100 LAN Interfaces
LanRover/Shiva 3105 - Has single PCI slot, 2 USB ports, Keyboard and Mouse port. More info Here - http://hardforum.com/showthread.php?t=1357559
-
Celeron 733
-
64pc133 ECC
-
16meg CF card
-
2 10/100 LAN Interfaces
Watchgaurd Firebox x700
The nokia was the "hardest" to convert as I couldn't just drop a cf card in, I had to actually remove the hard drive and put it in a PC to install pfsense to it.
The 3105 is an interesting thing, its based on the bx440 chip and is basically a p3 pc. I currently have 1gb of ECC ram in mine. I installed a video card in the PCI slot and was able to run windows, knoppix and debian on it, I eventually installed debian server on it, removed the video card and am using it for light in-house web serving. The USB and Keyboard/Mouse ports are covered by the case but are functional should you wish to make the openings. All that's needed for pfsense is to swap the CF card for one with pfsense installed.
The firebox has been flawless with the exception of the cpu fan failing. Found a replacement fan on ebay for 5$.
-
